Unsurprisingly, White spoke of directors as gatekeepers on whom shareholders and the SEC rely to prevent, detect and stop violations of the securities laws.

In this role she advised that directors seek to understand their company’s business model, risks, financial conditions, industry and competitors; that they be engaged, ask difficult questions and insist on answers; that they know what both institutional and retail shareholders are thinking; that they give thoughtful consideration to shareholder proposals and voting results, even when proposals are not adopted; and that they, along with senior management, embrace ethics and honesty by, among other things, establishing strong corporate compliance programs and a robust compliance culture.

White called out audit committees in particular as “hav[ing] an extraordinarily important role in creating a culture of compliance through their oversight of financial reporting.” As an aside, audit committee members should also take note of this blurb from the Wall Street Journal (subscription required) which reports Andrew Ceresney, Director of the Division of Enforcement, as having tagged financial reporting and audit fraud as “[t]he ‘next frontier’ for enforcement actions”, noting that the Commission will be looking at both corporations and audit firms.

White also called upon directors to consider the view of regulators and what they publicly identify as important and problematic. She even suggested that directors consider visiting their regulators and seeking input from them directly.

Overall White emphasized the need for directors (and senior management) to set an appropriate “tone at the top”.

When Should Your Company Self-Report Wrongdoing?

One immediate question you will have to answer is whether what has been discovered constitutes material information that requires public disclosure. If the answer is yes, that fact will also invariably dictate an obvious affirmative answer to broader self-reporting to the SEC.

Less obvious is the case of wrongdoing that does not rise to the level of a material event. In such a circumstance White refers us to certain of the factors in the Commission’s 2001 Seaboard statement on cooperation (outlining a number of criteria that the Commission considers when deciding whether and how to bring an enforcement action).

What is the upside to self-reporting and “sincere and thorough” cooperation with the Commission? Typically a reduced or no penalty and occasionally even no enforcement action. The downside? “[T]he opportunity to earn significant credit for cooperation may be lost” and, of course, the violation may be reported to the Commission anyway through its whistleblower program.

Internal Compliance and Whistleblowing

Finally, White characterizes the relationship between the SEC’s whistleblower program and a company’s own internal reporting process as one “designed to motivate those with reliable information about misconduct to come forward, while also encouraging them to work within their company’s own compliance procedures”.

White notes that the Commission considers whether a whistleblower first reported internally when determining the amount of any monetary award and expects that directors are “fostering a culture that affirmatively encourages and empowers employees to report wrongdoing … without free of being harassed, demoted or fired.”